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FOLDER TYPE TIME STAMPING SYSTEM AND 
DISTRIBUTED TIME STAMPING SYSTEM 

5 BACKGROUND OF THE INVENTION 
FIELD OF THE INVENTION 

The present invention relates to a folder type time 
stamping system and a distributed time stamping system that 
10 enable to prove that digital documents are not altered 

since a time of the time stamp and definitely existed at a 
time of the time stamp in a service for time stamping 
digital documents. 

15 DESCRIPTION OF THE BACKGROUND ART 

Under the first to invent system of the U.S. patent 
practice, it is possible to use a dated research notebook 
as an evidence for establishing the priority date, and a 
dated housekeeping book can be used as a record of 

20 disbursement for the final income tax return, for example. 
On the other hand, in conjunction with the increasing 
utilization of a PC on daily basis, it has become popular 
to keep a daily record such as the research notebook and 
the housekeeping book by using a PC. 

25 However, in the case of electronic digital records 

made on a PC, it has been difficult to prove the recorded 
content including the recorded date and time to a third 
person because such electronic digital records can be 
altered easily, unlike the records using papers as 

30 recording medium. 

In this regard, there has been a proposition of a 
service for time stamping digital documents using a 
personal date/time notary device as disclosed in U.S. 
Patent No. 5,422,953. In this personal date/time notary 

35 device, a time stamping device is incorporated into a smart 
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card or the like and the time stamping is carried out at a 
time of the digital signature. 

There has also been a proposition of a public/key 
date-time notary facility as disclosed in U.S. Patent No. 
5 5,001,752 and U.S. Patent No. 5,136,643, in which a time 
stamping device is provided as a single hardware platform 
such that a document creator can carry out the time 
stamping using that device. 

Both of these propositions are based on a scheme where 
10 a document creator carries out the time stamping so that 
the time stamp can be easily forged and there is no 
reliability as they do not amount to a proof by a third 
party. 

There has also been a proposition of an electronic 

15 notary as disclosed in U.S. Patent No. 5,022,080, in which 
the time stamping is carried out by producing a compressed 
document using CRC (Cyclic Redundancy Check) , parity and 
checksum for the original document in combination. For the 
compressed document produced in this scheme, it is easier 

20 to forge a digital document that has the same compressed 
document, compared with a compressed document produced by 
the hash function (such as MD5 or SHA-1, for example) that 
is currently widely used as the cryptographic technique. 
There has also been a proposition of a digital 

25 document time-stamping scheme as disclosed in U.S. Patent 
No. 5,136,646 and U.S. Patent No. 5, 136,647, in which a 
time stamp certificate is produced independently by an 
external time stamping agency. In this time stamping 
scheme, the external agency can easily forge the 

30 certificate. 

In order to remedy these problems, there has been a 
proposition of a scheme for producing a time stamp 
certificate by digitally signing a compressed document 
obtained by applying a hash function to a digital document 

35 in which a received time stamping request is combined with 
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an immediately previously issued time stamp certificate of 
the external agency. In this scheme, it is practically 
impossible for the external agency to forge the time stamp 
certificate, but the order among different rounds (constant 
5 periods for issuing time stamp certificates) cannot be 
verified. 

Also, in order to prove that the time stamp 
certificate is authentic, the certificates issued up to 
that point will be necessary. Namely, it is impossible to 

10 prove the time stamp certificate as authentic unless either 
all the time stamp certificates issued by the external 
agency or those time stamp certificates that are necessary 
in tracing back to the value of the time stamp certificate 
at a time of the periodic public disclosure are stored. For 

15 this reason, the system requires an enormous memory 

capacity and an enormous amount of time in proving the 
authenticity. 

Currently, the IETF (Internet Engineering Task Force) 
is in a process of standardizing a protocol in which a 

20 digital document compressed by the hash function is sent to 
an external agency, and a time stamp certificate is 
produced for this compressed digital document at the 
external agency. This proposed scheme already has a problem 
that it is impossible to eliminate a possibility for 

25 forging the time stamp certificate and a possibility for a 
malicious third party who is not permitted to acquire the 
time stamp certificate to illegally acquire the time stamp 
certificate . 

On the other hand, Japanese Patent Application No. 11- 
30 35761 (1999) discloses a time-stamping device in which a 
single time stamping agency has partial secret keys that 
are equivalent to subdivided secret keys of the public key 
cryptosystem, and each partial signing agency which is a 
third party agency generates a partial signature 
35 independently, rather than generating a digital signature 
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at a single time stamping agency, such that the forgery of 
the time stamp certificate by the time stamping agency is 
prevented. 

In this time stamping device, it is possible to prove 
the existence of a digital document at high reliability by 
regularly producing a document creation log at a client 
side who wishes to utilize the time stamping agency, and 
producing a time stamp certificate regarding that document 
creation log at the time stamping agency. 

Also, on the server side, the secret key of the time 
stamping device is distributed in division among a 
plurality of digital signature units and each digital 
signature unit generates a digital signature independently, 
in order to eliminate a possibility of having the secret 
key stolen that is present in the case where the external 
time stamping agency generates a digital signature using a 
single secret key, and a possibility of forging the time 
stamp of the past time by the conspiracy of the digital 
document author and the external time stamping agency. 

In this way, it is possible to operate the external 
time stamping agencies to provide a safe and reliable time 
stamping service in which there is no risk of having the 
secret key stolen and the forgery of the time stamp is 
impossible unless the time stamping agency is in conspiracy 
with all the parties for generating digital signatures. 
Also, there is no need to store the time stamp certificates 
issued in the past at all, so that it is possible to reduce 
a required memory capacity considerably compared with the 
above described conventional method. 

However, in the case where distributed time stamping 
agencies are to carry out the time stamping and generate 
the digital signature independently by using partial secret 
keys with respect to the same digital document, it is 
impossible to verify the digital signatures by using the 
public key corresponding to the distributed secret keys 



unless all the time stamping agencies attach the exactly 
identical time to the digital document before generating 
the digital signatures. 

5 

SUMMARY OF THE INVENTION 

It is therefore an object of the present invention to 
provide a folder type time stamping system by which digital 

10 documents on PCs can be used as records with daily log 
similarly as the research notebook and the housekeeping 
book by regularly acquiring the time stamp certificate for 
the digital documents from a reliable third party agency 
for the purpose of the existence proof, and the document 

15 creation log can be utilized in a form of a recording 
medium at a time of proving to a third person. 

It is another object of the present invention to 
provide a distributed time stamping system in which a 
unified digital signature obtained from a plurality of 

20 partial digital signatures can be decrypted using a single 
public key in the case of carrying out the time stamping 
and generating the digital signature independently at 
distributed time stamping agencies. 

According to one aspect of the present invention there 

25 is provided a time stamping system, comprising a client 

device and a server device; the client device including: a 
digest generation unit for generating a plurality of 
digests for a plurality of digital documents; a digest 
combining unit for combining the plurality of digests 

30 generated by the digest generation unit; a unified digest 
generation unit for generating a unified digest from the 
plurality of digests as combined by the digest combining 
unit; a transmission unit for transmitting a time stamping 
request containing the unified digest generated by the 

35 unified digest generation unit, to the server device; and a 
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reception unit for receiving a time stamp token for the 
plurality of digital documents from the server device; and 
wherein the server device generates the time stamp token 
containing a time stamped digital document obtained by 
5 combining the unified digest and a time information 

acquired in response to the time stamping request, and a 
digital signature for the time stamped digital document. 

According to another aspect of the present invention 
there is provided a client device of a time stamping 

10 system, the client device comprising: a digest generation 
unit for generating a plurality of digests for a plurality 
of digital documents; a digest combining unit for combining 
the plurality of digests generated by the digest generation 
unit; a unified digest generation unit for generating a 

15 unified digest from the plurality of digests as combined by 
the digest combining unit; a transmission unit for 
transmitting a time stamping request containing the unified 
digest generated by the unified digest generation unit, to 
a server device of the time stamping system; and a 

20 reception unit for receiving a time stamp token for the 
plurality of digital documents from the server device. 

According to another aspect of the present invention 
there is provided a server device of a time stamping 
system, the server device comprising: a plurality of time 

25 acquisition units, each time acquisition unit sequentially 
acquiring the time information given in a prescribed 
constant incremental time unit, in response to a received 
digital document, independently from other time acquisition 
units; a plurality of combining units, provided in 

30 correspondence to the plurality of time acquisition units, 
each combining unit generating a plurality of time stamped 
digital documents by sequentially combining the received 
digital document with the time information sequentially 
acquired by a corresponding one of the time acquisition 

35 units, independently from other combining units; a 
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plurality of digital signature units, provided in 
correspondence to the plurality of combining- units, each 
digital signature unit generating a digital signature for 
each time stamped digital document generated by a 
5 corresponding one of the combining units, independently 
from other digital signature units; a unified digital 
signature generation unit for selecting a plurality of 
digital signatures, one digital signature per each digital 
signature unit, which are generated by the plurality of 

10 digital signature units for one time stamped digital 

document of an identical time, from a plurality of digital 
signatures generated by the plurality of digital signature 
units, and generating a unified digital signature from 
selected digital signatures; and a time stamp token 

15 generation unit for generating the time stamp token from 
said one time stamped digital document and the unified 
digital signature generated by the unified digital 
signature generation unit. 

According to another aspect of the present invention 

20 there is provided a time stamping method in a time stamping 
system formed by a client device and a server device, 
comprising the steps of; (a) generating a plurality of 
digests for a plurality of digital documents at the client 
device; (b) combining the plurality of digests generated by 

25 the step (a), at the client device; (c) generating a 

unified digest from the plurality of digests as combined by 
the step (b) , at the client device; (d) transmitting a time 
stamping request containing the unified digest generated by 
the step (c), from the client device to the server device; 

30 (e) generating at the server device a time stamp token 
containing a time stamped digital document obtained by 
combining the unified digest and a time information 
acquired in response to the time stamping request, and a 
digital signature for the time stamped digital document; 

35 and (f) receiving the time stamp token for the plurality of 
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digital documents from the server device, at the client 
device . 

According to another aspect of the present invention 
there is provided a method of receiving a time stamping 
5 service at a client device of a time stamping system, the 
method comprising the steps of: (a) generating a plurality 
of digests for a plurality of digital documents; (b) 
combining the plurality of digests generated by the step 
(b); (c) generating a unified digest from the plurality of 

10 digests as combined by the step (b) ; (d) transmitting a 
time stamping request containing the unified digest 
generated by the step (c) , to a server device of the time 
stamping system; and (e) receiving a time stamp token for 
the plurality of digital documents from the server device. 

15 According to another aspect of the present invention 

there is provided a method of providing a time stamping 
service at a server device of a time stamping system, the 
method comprising the steps of: (a) sequentially acquiring 
a time information given in a prescribed constant 

20 incremental time unit, in response to a received digital 
document, at each one of a plurality of time acquisition 
units in the server device, independently from other time 
acquisition units; (b) generating a plurality of time 
stamped digital documents at each one of a plurality of 

25 combining units, provided in correspondence to the 

plurality of time acquisition units in the server device, 
by sequentially combining the received digital document 
with the time information sequentially acquired by a 
corresponding one of the time acquisition units, 

30 independently from other combining units; (c) generating a 
digital signature at each one of a plurality of digital 
signature units, provided in correspondence to the 
plurality of combining units in the server device, for each 
time stamped digital document generated by a corresponding 

35 one of the combining units, independently from other 
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digital signature units; (d) selecting a plurality of 
digital signatures, one digital signature per each digital 
signature unit, which are generated by the plurality of 
digital signature units for one time stamped digital 
5 document of an identical time, from a plurality of digital 
signatures generated by the plurality of digital signature 
units, and generating a unified digital signature from 
selected digital signatures; and (e) generating the time 
stamp token from said one time stamped digital document and 

10 the unified digital signature generated by the step (d) . 

According to another aspect of the present invention 
there is provided a computer usable medium having computer 
readable program codes embodied therein for causing a 
computer to function as a client device of a time stamping 

15 system, the computer readable program codes including: a 
first computer readable program code for causing said 
computer to generate a plurality of digests for a plurality 
of digital documents; a second computer readable program 
code for causing said computer to combine the plurality of 

20 digests generated by the first computer readable program 
code; a third computer readable program code for causing 
said computer to generate a unified digest from the 
plurality of digests as combined by the second computer 
readable program code; a fourth computer readable program 

25 code for causing said computer to transmit a time stamping 
request containing the unified digest generated by the 
third computer readable program code, to a server device of 
the time stamping system; and a fifth computer readable 
program code for causing said computer to receive a time 

30 stamp token for the plurality of digital documents from the 
server device. 

According to another aspect of the present invention 
there is provided a computer usable medium having computer 
readable program codes embodied therein for causing at 

35 least one computer to function as a server device of a time 



stamping system, the computer readable program codes 
including: a first computer readable program code for 
causing said at least one computer to realize a plurality 
of time acquisition units, each time acquisition unit 
5 sequentially acquiring the time information given in a 

prescribed constant incremental time unit, in response to a 
received digital document, independently from other time 
acquisition units; a second computer readable program code 
for causing said at least one computer to realize a 

10 plurality of combining units, provided in correspondence to 
the plurality of time acquisition units, each combining 
unit generating a plurality of time stamped digital 
documents by sequentially combining the received digital 
document with the time information sequentially acquired by 

15 a corresponding one of the time acquisition units, 

independently from other combining units; a third computer 
readable program code for causing said at least one 
computer to realize a plurality of digital signature units, 
provided in correspondence to the plurality of combining 

20 units, each digital signature unit generating a digital 

signature for each time stamped digital document generated 
by a corresponding one of the combining units, 
independently from other digital signature units; a fourth 
computer readable program code for causing said at least 

25 one computer to select a plurality of digital signatures, 
one digital signature per each digital signature unit, 
which are generated by the plurality of digital signature 
units for one time stamped digital document of an identical 
time, from a plurality of digital signatures generated by 

30 the plurality of digital signature units, and to generate a 
unified digital signature from selected digital signatures; 
and a fifth computer readable program code for causing said 
at least one computer to generate the time stamp token from 
said one time stamped digital document and the unified 

35 digital signature generated by the fourth computer readable 
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program code. 

Other features and advantages of the present invention 
will become apparent from the following description taken 
in conjunction with the accompanying drawings. 

5 

BRIEF DESCRIPTION OF THE DRAWINGS 

Fig. 1 is a block diagram showing an exemplary 
10 configuration of a folder type time stamping system 

according to the first embodiment of the present invention. 

Fig. 2 is a block diagram showing an exemplary 
configuration of a folder type time stamping system 
according to the second embodiment of the present 
15 invention. 

Fig. 3 is a block diagram showing an exemplary 
configuration of a distributed time stamping system 
according to the third embodiment of the present invention. 
Fig. 4 is a block diagram showing an exemplary 
20 configuration of a distributed time stamping system 
according to the fourth embodiment of the present 
invention . 

Fig. 5 is a diagram showing one example of acquired 
time information in the distributed time stamping system of 
25 Fig. 3 and Fig. 4. 

Fig. 6 is a diagram showing another example of 
acquired time information in the distributed time stamping 
system of Fig. 3 and Fig. 4. 

Fig. 7 is a diagram showing another example of 
30 acquired time information in the distributed time stamping 
system of Fig. 3 and Fig. 4. 

Fig. 8 is a diagram showing a relationship between 
potential digital document arrival time intervals for two 
different combining units in the distributed time stamping 
35 system of Fig. 3 and Fig. 4. 
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Fig. 9 is a diagram showing an example of potential 
digital document arrival time intervals and actual digital 
document arrival time for two different combining units in 
the distributed time stamping system of Fig. 3 and Fig. 4. 
5 Fig. 10 is a block diagram showing an exemplary 

configuration of a folder type distributed time stamping 
system according to the fifth embodiment of the present 
invention. 

Fig. 11 is a block diagram showing an exemplary 
10 configuration of a client unit in the folder type 
distributed time stamping system of Fig. 10. 

Fig. 12 is a block diagram showing one exemplary 
configuration of a server unit in the folder type 
distributed time stamping system of Fig. 10. 
15 Fig. 13 is a block diagram showing another exemplary 

configuration of a server unit in the folder type 
distributed time stamping system of Fig. 10. 

20 DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS 

Referring now to Fig. 1 and Fig. 2, the first and 
second embodiments directed to a folder type time stamping 
system according to the present invention will be described 
25 in detail. 

Fig. 1 shows a configuration of the folder type time 
stamping system according to the first embodiment of the 
present invention. 

In Fig. 1, the folder type time stamping system 1 
30 comprises: a digest generation unit 11 for generating 
digests of target digital documents G among digital 
documents that may contain any of text data, image data and 
speech data; a digest combining unit 13 for combining a 
plurality of digests generated by the digest generation 
35 unit 11; a unified digest generation unit 15 for generating 
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a unified digest for a result obtained by combining a 
plurality of digests at the digest combining unit 13; a 
transmission unit 17 for transmitting data containing the 
unified digest generated by the unified digest generation 
5 unit 15, to a digital signature generation unit 19 through 
a time stamping unit 21; a digital signature generation 
unit 19 for combining a time acquired from a time 
acquisition unit 23 to the data containing the unified 
digest that is received from the unified digest generation 

10 unit 15 through the transmission unit 17, and generating a 
digital signature for the obtained combination as a whole; 
a time stamping unit 21 for sending a time stamp token 
(certificate) containing the unified digest, the time, and 
the digital signature generated or acquired above, to a 

15 reception unit 25; a time acquisition unit 23 for providing 
a time information indicating the time at a moment of an 
inquiry from the time stamping unit 21; and a reception 
unit 25 for receiving the time stamp token sent from the 
time stamping unit 21. 

20 Here, the digest generation unit 11, the digest 

combining unit 13, the unified digest generation unit 15, 
the transmission unit 17, and the reception unit 25 
constitute a client unit 100, while the digital signature 
generation unit 19, the time stamping unit 21, and the time 

25 acquisition unit 23 constitute a server unit 200. 

In the following, the time stamping processing in this 
first embodiment will be described in detail with reference 
to Fig. 1. 

The target digital documents G produced by an author 
30 may contain any of text data, image data, speech data, and 
binary data or their combination. For these target digital 
documents G, the digests are generated by the digest 
generation unit 11 in the folder type time stamping system 
1, using the hash function (such as MD5 or SHA-1, for 
35 example) for each digital document, such that the 
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processing becomes faster, the original document will not 
be sent to the server unit 200, and different values can be 
obtained for different documents at very high 
probabilities . 

5 More specifically, denoting the hash function as h, 

and a plurality of digital documents that constitute the 

target digital documents G as gi , gs , , gn , the digest 

generation unit 11 generates digests h(gi ), h(ga ) , , 

h(gn ) . 

10 Then, the digest combining unit 13 obtains 

h(gi ) -h(g2 ) h(gn ) as a result of combining the 

digests h(gi), h(gs), , h(gn ) by concatenation, for 

example . 

The unified digest generation unit 15 generates the 

15 unified digest from this result of combining. Here, 

denoting the hash function used by the unified digest 
generation unit 15 as i, the unified digest generation unit 

15 generates the unified digest i (h(gi ) *h(gs ) h(g n )). 

The transmission unit 17 then transmits this unified digest 

20 i (h(gi ) «h(g2 ) h(gn)) to the digital signature generation 

unit 19 through the time stamping unit 21. 

The digital signature generation unit 19 generates the 
digital signature s for a digital data containing the 
unified digest i (h(gi ) *h(ga ) h(gn)) and the time t 

25 acquired from the time acquisition unit 23, and sends this 
digital signature s to the time stamping unit 21. 

Then, the time stamping unit 21 issues the time stamp 
token containing the digital signature s, the unified 
digest i (h(gi ) -h(gs ) h(gn)), and the time t, and sends 

30 this time stamp token to the reception unit 25. 

According to the first embodiment, it becomes possible 
to acquire the time stamp token for digital documents on a 
PC in which a coherent system of documents are often formed 
by a combination of related documents, figures and tables, 

35 etc., in relation to these related documents or the other 
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digital documents on the PC from which these related 
documents are produced, by regularly acquiring the time 
stamp token issued for the digital documents from a 
reliable third party agency for the purpose of the 
5 existence proof. 

It is also possible to improve the reliability of the 
existence proof of the time stamped documents, and digital 
documents on PCs can be used as records with daily log 
similarly as the research notebook and the housekeeping 
10 book, and the document creation log can be utilized in a 
form of a recording medium at a time of proving to a third 
person. 

In this way, it becomes possible to prove the the 
plurality of digital documents have not been altered since 

15 the time of the time stamp, and these plurality of digital 
documents definitely existed together at the time of the 
time stamp. Moreover, there is no need to judge the 
necessity of the time stamp token for each digital document 
separately and it suffices to acquire a single time stamp 

20 token for a plurality of digital documents collectively so 
that it becomes possible to utilize the time stamping 
service at lower cost. 

Next, Fig. 2 shows a configuration of the folder type 
time stamping system according to the second embodiment of 

25 the present invention. 

In Fig. 2, the folder type time stamping system 3 
comprises: a digest generation unit 31 for generating 
digests of target digital documents G among digital 
documents F that may contain any of text data, image data 

30 and speech data; a digest combining unit 33 for combining a 
plurality of digests generated by the digest generation 
unit 31; a unified digest generation unit 35 for generating 
a unified digest for a result obtained by combining a 
plurality of digests at the digest combining unit 33; a 

35 transmission unit 37 for transmitting data containing the 
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unified digest generated by the unified digest generation 
unit 35, to a digital signature generation unit 39 through 
a time stamping unit 41; a digital signature generation 
unit 39 for combining a time acquired from a time 
5 acquisition unit 43a to the data containing the unified 

digest that is received from the unified digest generation 
unit 35 through the transmission unit 37, and generating a 
digital signature for the obtained combination as a whole; 
a time stamping unit 41 for sending a time stamp token 

10 (certificate) containing the unified digest, the time, and 
the digital signature generated or acquired above, to a 
reception unit 45; a time acquisition unit 43a for 
providing a time information indicating the time at a 
moment of an inquiry from the time stamping unit 41; a 

15 reception unit 45 for receiving the time stamp token sent 
from the time stamping unit 41; a verification unit 47 for 
verifying the time stamp token received through the 
reception unit 45; a time specifying unit 49 for specifying 
a timing for generating digests to the digest generation 

20 unit 31; a digital document specifying unit 51 for 

specifying the target digital documents G from the digital 
documents F; and a time acquisition unit 43b for providing 
a time information indicating the time at a moment of an 
inquiry from any of the digest generation unit 31, the 

25 transmission unit 37, the reception unit 45 and the 

verification unit 47. Note that the time acquisition unit 
43a and the time acquisition unit 43b may be the same 
entity . 

Here, the digest generation unit 31, the digest 
30 combining unit 33, the unified digest generation unit 35, 
the transmission unit 37, the reception unit 45, the 
verification unit 47, the time specifying unit 49, the 
digital document specifying unit 51, and the time 
acquisition unit 43b constitute a client unit 100, while 
35 the digital signature generation unit 39, the time stamping 
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unit 41, and the time acquisition unit 43a constitute a 
server unit 200. 

In the following, the time stamping processing in this 
second embodiment will be described in detail with 
reference to Fig. 2. 

The digital document specifying unit 51 specifies the 
target digital documents G in units of files or folders, 
from the digital documents D that may contain any of text 
data, image data, speech data, and binary data or their 
combination that are located on a network or inside a PC 
which is accessible from a PC. 

When the digest generation unit 31 detects that it is 
now the time specified from the time specifying unit 49, 
according to the time acquired from the time acquisition 
unit 43b, the digest generation unit 31 generates digests 
for these target digital documents G, using the hash 
function (such as MD5 or SHA-1, for example) for each 
digital document. 

More specifically, denoting the hash function as h, 
and a plurality of digital documents that constitute the 
target digital documents G as gi , gs , , gn , the digest 
generation unit 31 generates digests h(gi ), h(g£ ) , , 

h(gn ) . 

Then, the digest combining unit 33 obtains 
h(gi)'h(gs) h(gn ) as a result of combining the 
digests h(gi), h(ga ) , , h(gn ) by concatenation, for 
example . 

The unified digest generation unit 35 generates the 
unified digest from this result of combining. Here, 
denoting the hash function used by the unified digest 
generation unit 35 as i , the unified digest generation unit 

35 generates the unified digest i (h ( gi ) *h ( gs ) h(g n )). 

The transmission unit 37 then transmits this unified digest 

i(h(gi ) *h(g2 ) h(gn)) to the digital signature generation 

unit 39 through the time stamping unit 41. 
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The digital signature generation unit 39 generates the 
digital signature s for a digital data containing the 
unified digest i (h(gi ) *h(g2 ) h(gn)) and the time t 
acquired from the time acquisition unit 43a, and sends this 
digital signature s to the time stamping unit 41. 

Then, the time stamping unit 41 issues the time stamp 
token containing the digital signature s, the unified 

digest i(h(gi ) -h(g 2 ) h(g n )), and the time t, and sends 

this time stamp token to the reception unit 45. 

Then, the verification unit 47 verifies that the 
digital signature attached to the time stamp token received 
at the reception unit 45 is an authentic digital signature 
generated by the digital signature generation unit 39. 

In addition, the verification unit 47 also verifies 
that the time attached to the time stamp token is after the 
time of transmission from the transmission unit 37 to the 
digital signature generation unit 39 and before the time of 
reception at the reception unit 45. 

As described, according to the second embodiment, in 
addition to the effects described above for the first 
embodiment, it is possible to acquire the time stamp token 
regularly for files on the PC that are specified in units 
of files or folders, and record the file creation and 
modification log for files on the PC including relations 
with the related files, so that it becomes possible to use 
a sequence of the time stamp tokens acquired over a 
extended period of time as a proof for the file creation 
and modification log of files on the PC by a third person. 
This sequence of the time stamp tokens is more difficult to 
forge than the research notebook or the housekeeping book 
so that it becomes possible to provide a highly reliable 
time stamping service for digital documents. 

Note that computer programs for realizing the folder 
type time stamping system as described above can be 
provided in forms of recording media such that these 
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programs can be distributed more easily using these 
recording media. 

Referring now to Fig. 3 to Fig. 9, the third and 
fourth embodiments directed to a distributed time stamping 
system according to the present invention will be described 
in detail. 

Fig. 3 shows a configuration of the distributed time 
stamping system according to the third embodiment of the 
present invention. 

In Fig. 3, the distributed time stamping system 101 
comprises: a plurality of time acquisition units 113a, 

113b, , 113s for acquiring time information ti i , ts i , 

, ts i having a constant incremental time unit, 

independently for n times where n is an integer greater 
than or equal to one, at a constant acquisition interval; a 

plurality of combining units 111a, 111b, , ills provided 

respectively in correspondence to the time acquisition 

units 113a, 113b, , 113s, for independently and 

successively producing a time stamped digital document Mt, j 
by combining a the respective time information ti j with a 
digital document M; a plurality of digital signature units 

115a, 115b, , 115s provided respectively in 

correspondence to the combining units 111a, 111b, , 

Ills, for independently generating a digital signature for 
each respective time stamped digital document Mti j ; a 
unified digital signature generation unit 117 for receiving 
a plurality of digital signatures generated independently 
by the plurality of digital signature units 115a, 115b, 

, 115s, selecting digital signatures for a time stamped 

digital document Mt of an identical time from these 
plurality of digital signatures, one digital signature per 

each one of the digital signature units 115a, 115b, , 

115s, and generating a unified digital signature c from the 
selected digital signatures for the time stamped digital 
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document Mt of the identical time; and a time stamp token 
generation unit 119 for generating a time stamp token 
(certificate) T containing the time stamped digital 
document Mt and the unified digital signature c. 
5 In the following, the distributed time stamping 

processing in this third embodiment will be described in 
detail with reference to Fig. 3. Here, the description will 
be given for a sub-system related to the combining unit 
111a alone, but the operations of the other sub-systems 

10 related to the combining units are similar. 

The digital document M produced by an author may 
contain any of text data, image data, speech data, and 
binary data or their combination. This digital document M 
is combined with a time acquired from the time acquisition 

15 unit 113a to produce a time stamped digital document Mt at 
the combining unit 111a in the distributed time stamping 
system 101. Then, a digital signature for this time stamped 
digital document Mt is generated at the digital signature 
unit 115a. The digital signatures 

20 generated by the digital signature units 115a, 115b, , 

115s in this manner are collected to the unified digital 
signature generation unit 117. 

Then, the unified digital signature generation unit 
117 generates the unified digital signature from the 

25 digital signatures for the time stamped digital document Mt 
of the Identical time, whenever it is possible to select 
one time stamped digital document Mt of the identical time 
for each digital signature unit 115. Then, the time stamp 
token generation unit 119 generates a time stamp token T 

30 containing the unified digital signature itself and the 
time stamped digital document Mt used in generating the 
unified digital signature. 

Now, the digital signature generation will be 
described for an exemplary case. Here, the RSA public key 

35 cryptosystem will be used as an exemplary public key 
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cryptosystem . 

First, for sufficiently large prime numbers p and q, n 
is defined as 

n = pq 

and an integer e that is relatively prime with respect to 

0(n) = (p-D(q-l) 
is appropriately selected. That is: 

gcd(e, (p-1) (q-1) ) = 1 

Then, setting n and e as the public keys, an integer d 
that satisfies 

ed = 1 mod 0(n) 

is selected and p, q, and d are set as the secret keys. 

For a digest m obtained by applying a hash function 
(such as MD5 or SHA-1, for example) to the time stamped 
digital document Mt of the identical time, the unified 
digital signature c to be generated by the unified digital 
signature generation unit 117 is given by 

c = m d mod n. 

When the total number of the digital signature units 
115 in Fig. 3 is s, if d is expressed in a form of a sum of 
numbers as 

d = di + ds + + d s 

then the digital signatures ci , C2 , , c s to be generated 
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by the digital signature units 115a, 115b, , 115s are 

given by 

ci = m d 1 mod n, , c s = m d 5 mod n. 

The time stamp token T is obtained as a digital 
document containing (Mt, c) . 

Next, Fig. 4 shows a configuration of the distributed 
time stamping system according to the fourth embodiment of 
the present invention. 

In Fig. 4, the distributed time stamping system 103 
comprises: a reception unit 130 for receiving a digital 
document M by communications; a plurality of time 

acquisition units 133a, 133b, , 133s for acquiring time 

information ti i , U \ , , U \ having a constant 
incremental time unit, independently for n times where n is 
an integer at least greater than or equal to one, at a 
constant acquisition interval; a plurality of combining 

units 131a, 131b, , 131s provided respectively in 

correspondence to the time acquisition units 133a, 133b, 

, 133s, for independently and successively producing a 

time stamped digital document Mti j by combining a the 
respective time information t, j with the digital document M 
received by the reception unit 130; a plurality of digital 

signature units 135a, 135b, , 135s provided respectively 

in correspondence to the combining units 131a, 131b, 
131s, for independently generating a digital signature for 
each respective time stamped digital document Mti j ; a 
unified digital signature generation unit 137 for receiving 
a plurality of digital signatures generated independently 
by the plurality of digital signature units 135a, 135b, 

, 135s, selecting digital signatures for a time stamped 

digital document Mt of an identical time from these 
plurality of digital signatures, one digital signature per 
each one of the digital signature units 135a, 135b, , 135s, 
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and generating a unified digital signature c from the 
selected digital signatures for the time stamped digital 
document Mt of the identical time; a time stamp token 
generation unit 139 for generating a time stamp token 
(certificate) T containing the time stamped digital 
document Mt and the unified digital signature c; and a 
transmission unit 141 for returning the time stamp token T 
generated by the time stamp token generation unit 139, to a 
sender of the digital document M by communications. 

Fig. 5 and Fig. 6 show relationships among the 
acquired time information in the third and fourth 
embodiments. Here, the relationships among the acquired 
time information are shown for an exemplary case of using 
three digital signature units. In Fig. 5 and Fig. 6, ti i , 
t2 1 , t3 i respectively represent times acquired by the three 
time acquisition units in the first attempt, while ti 2 , 
t2 2, ta 2 respectively represent times acquired by the three 
time acquisition units in the second attempt. Also, ti 1 , 
ti a , ti a respectively represent accurate times at which the 
first attempt of the time acquisition is made by the three 
time acquisition units, while tj 1 , tj 2 , tj 3 respectively 
represent accurate times at which the second attempt of the 
time acquisition is made by the three time acquisition 
units . 

Fig. 5 indicates that all three time acquisition units 
have acquired the same time information in the first 
attempt, and they have done so in the second attempt as 
well. In this case, ti 1 = ta 1 = t 3 1 will be the time used 
in generating the unified digital signature. Similarly, 
Fig. 6 indicates that the same time information was 
acquired by the second attempts of the first and second 
time acquisition units and the first attempt of the third 
time acquisition unit. In this case, t 3 1 = ti 2 = t 2 2 will 
be the time used in generating the unified digital 
signature . 
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Fig. 7 shows a relationship between the acquired time 
information and the accurate time of the time acquisition 
in the case where the incremental time unit of the time 
information is set to be a half of that used in Fig. 6. In 
Fig. 7, tn , t2 i , ts i respectively represent times acquired 
by the three time acquisition units in the first attempt, 
ti 2 , t-2 2 , t3 2 respectively represent times acquired by the 
three time acquisition units in the second attempt, and 
ti 3 , t 23 , tss respectively represent times acquired by the 
three time acquisition units in the third attempt. Also, 
tii, tie, ti s respectively represent accurate times at 
which the first attempt of the time acquisition is made by 
the three time acquisition units, tj i , tj 2 , tj 3 
respectively represent accurate times at which the second 
attempt of the time acquisition is made by the three time 
acquisition units, and tk 1 , tk 2 , tk 3 respectively represent 
accurate times at which the third attempt of the time 
acquisition is made by the three time acquisition units. In 
this example where the incremental time unit is a half, 
there is a need for each time acquisition unit to carry out 
the time acquisition at least three times in order to 
acquire the same time information by all three time 
acquisition units. 

Note that the constant acquisition interval by which 
the time acquisition is to be carried out by each time 
acquisition unit can be set to an arbitrary length, but it 
should preferably be set equal to the constant incremental 
time unit of the time to be acquired by each time 
acquisition unit. 

Also, instead of actually carrying out the time 
acquisition in the second and subsequent attempts, it is 
possible to obtain the acquired times for the second and 
subsequent attempts by adding prescribed times in the 
constant incremental time unit sequentially to the time 
acquired in the first attempt. In this case it suffices for 
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each time acquisition unit to carry out the time 
acquisition only once. 

The constant incremental time unit of the time to be 
acquired by each time acquisition unit can be set to an 
arbitrary length, but when the incremental time unit is 
made shorter, even though an accuracy of the acquired time 
can be improved, the number of the digital signatures that 
are required to be generated by each digital signature unit 
until it becomes possible to select the time stamped 
digital document Mt of the identical time for each one of 
the digital signature units will be increased. 

Note however that, when the arrival time of the 
digital document M at each combining unit is different for 
different combining units, it is possible to reduce the 
number of digital signatures to be generated by the 
digital signature units other than that corresponding to 
the combining unit which requires the longest arrival time 
by controlling them not to carry out the digital signature 
generation for at least one of times that have no chance of 
being used as the identical time, as follows. 

Fig. 8 shows a relationship between time intervals in 
which the digital document may arrive at two different 
combining units. A part (1) of Fig. 8 represents a case 
where the latest possible arrival time for one combining 
unit is earlier than the earliest possible arrival time for 
another combining unit, a part (2) of Fig. 8 represents a 
case where the latest possible arrival time for one 
combining unit is contained in the potential arrival time 
interval for another combining unit and the earliest 
possible arrival time for the former combining unit is 
earlier than the earliest possible arrive time for the 
latter combining unit, and a part (3) of Fig. 8 represents 
a case where the potential arrival time interval for one 
combining unit is completely contained within the potential 
arrival time interval for another combining unit. All 
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conceivable relationships between the potential arrival 
time intervals for arbitrary two combining- units are 
covered by these three cases. 

Fig. 9 shows a timing relationship in the case where 
the potential arrival time interval for the combining- unit 
to which the digital document can arrive latest lies 
between a time "c" and a time "d", and the potential 
arrival time interval for another arbitrary combining: unit 
lies between a time "a" and a time "b". Parts (1), (2) and 
(3) of Fig*. 9 are cases corresponding- to those of parts 
(1), (2) and (3) of Fig. 8. Here the combining: unit to 
which the digital document can arrive latest will be 
denoted as CI, and another arbitrary combining unit will be 
denoted as C2 . Also, the incremental time unit, i.e., an 
interval between t; and ti + i , will be denoted as u. 

In general, each combining unit can be controlled to 
generate the time stamped digital documents by setting a 
generation start timing at a time obtained by adding a 
prescribed time not less than zero that is defined in order 
to eliminate times that will never be used for the unified 
digital signature generation, to a predetermined time that 
is closest to but not earlier than the current time, and 
combining the digital document sequentially with the time 
information given by up to a specified number of prescribed 
incremental time units starting from the generation start 
timing. 

Here, the prescribed time not less than zero is used 
such that, when there is a fixed displacement between 
digital document arrival times at different combining 
units, the combining unit that would have otherwise started 
to generate the time stamped digital documents earlier will 
delay a start of the time stamped digital document 
generation to account for that displacement. 

Also, the specified number is used such that, even 
when there is a variation in the potential digital document 
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arrival time interval for the combining unit, it is still 
possible to obtain the time stamped digital document of the 
identical time for each one of the digital signature units 
so that the unified digital signature can be generated 
without a failure. 

In the case of part (1) of Fig. 9, when a value 
of a product of u and a largest integer n not exceeding (c- 
b)/u is v and the digital document arrives to C2 at a time 
"e" between ts and t4 , the current time is "e", the 
predetermined time not earlier than the current time can be 
set to t4 and the prescribed time not less than zero can be 
set to v = n*u = l*u since n = 1. In addition, the 
prescribed incremental time unit is u, and the specified 
number can be set to a number obtained by adding 1 and then 
subtracting n from a smallest integer m greater than or 
equal to (d-a)/u. In this case, m = 5, so that the 
specified number will be 5+1-1 = 5. 

As a result, there is no need to generate the time 
stamped digital document for the time t4 and it suffices to 
generate only five time stamped digital documents for U , 
ts , t? , ts and U , starting from U obtained by adding v to 
t4 . Similarly, if "e" is between "a" and ts , it will 
suffice to generate only five time stamped digital 
documents for t4 , ts , te , t? and ts , and if "e" is between 
U and "b", it will suffice to generate only five time 
stamped digital documents for te , ti , ts , t9 and ti a . 

In the case of part (2) of Fig. 9, when the digital 
document arrives to C2 at a time "e" between ts and t4 , the 
current time is "e" , the predetermined time not earlier 
than the current time can be set to t4 and the prescribed 
time not less than zero can be set to 0. If "e" is between 
"c" and ts , C2 starts the time acquisition from te that is 
immediately after "e" . In addition, the prescribed 
incremental time unit is u, and the specified number can be 
set to a number obtained by adding 1 to a smallest integer 
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m greater than or equal to (d-a)/u. In this case, the 
specified number will be 6 so that only six time stamped 
digital documents for U , U , te , ti , ts and U will be 
generated . 

In the case of part (3) of Fig. 9, when the digital 
document arrives to C2 at a time "e" between U and U , the 
current time is "e" , the predetermined time not earlier 
than the current time can be set to ts and the prescribed 
time not less than zero can be set to 0. In addition, the 
prescribed incremental time unit is u, and the specified 
number can be set to a number obtained by adding 1 to a 
smallest integer m greater than or equal to (d-a)/u. In 
this case, the specified number will be 3 so that only 
three time stamped digital documents for te , t? and ts will 
be generated. 

Now, usually, in the distributed time stamping system, 
the digital signature units that constitute the system 
maintains parts of the secret key of the public key 
cryptosystem distributedly , so that a possibility of having 
the secret key stolen or a possibility of having the time 
stamp token forged can be reduced, but a possibility for 
the times independently acquired by the time acquisition 
units to coincide is very small as already mentioned above 
so that there arises a problem that the unified digital 
signature cannot be generated. 

In this regard, in the third and fourth embodiments, 
the time is acquired at a constant incremental time unit as 
described above, so that it is possible to increase a 
possibility for the independently acquired times to 
coincide. In fact, in an example shown in Fig. 5 and Fig. 
6, it is possible to obtain the time stamped digital 
document of the identical time for every combining unit 
without a failure, when each time acquisition unit carries 
out the time acquisition at least twice at a constant 
acquisition interval, because of the relationship between 
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the incremental time unit and the time difference between 
the time acquisition execution times among the time 
acquisition units. As a result, it becomes possible to 
realize the distributed time stamping with the improved 
safety of the secret key. 

Note that computer programs for realizing the 
distributed time stamping system as described above can be 
provided in forms of recording media such that these 
programs can be distributed more easily using these 
recording media. 

Note also that the third and fourth embodiments are 
described above for the case of using the RSA public key 
cryptosystem, but the present invention is not limited to 
this case and it is possible to generate the digital 
signatures and the unified digital signature similarly by 
using the other public key cryptosystems in which the 
digital signature that can be generated by using a single 
secret key can also be generated by using a plurality of 
divided secret keys obtained by dividing the secret key of 
the elliptic curve public key cryptosystem, DSA (Digital 
Signature Algorithm), etc. 

It is also possible to generate the unified digital 
signature by using a digital document that contains the 
time stamped digital document Mt rather than the time 
stamped digital document Mt itself. It is also possible to 
generate the digital signature directly without applying 
the hash function to the digital document. One time stamped 
digital document Mt may be set in correspondence to one 
time information, or in correspondence to a plurality of 
time information. In the former case one digital signature 
will be generated from one time stamped digital document 
Mt , whereas in the latter case a plurality of digital 
signatures will be generated from one time stamped digital 
document Mt . 

As described, according to the third and fourth 
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embodiments, it becomes possible to obtain the time stamped 
digital document of the identical time at every combining: 
unit without a failure so that it becomes possible to 
realize the distributed time stamping with the improved 
safety of the secret key. 

Referring now to Fig. 10 to Fig. 13, the fifth 
embodiment directed to a folder type distributed time 
stamping system according to the present invention will be 
described in detail. 

Fig. 10 shows a configuration of the folder type 
distributed time stamping system according to the fifth 
embodiment of the present invention. This fifth embodiment 
is a combination of the folder type time stamping system of 
the first and second embodiments and the distributed time 
stamping system of the third and fourth embodiments. 

In Fig. 10, the folder type distributed time stamping 
system 300 generally comprises a client unit 100 and a 
server unit 200. The client unit 100 generates a time 
stamping request R from a plurality of digital documents G 
that are the target of time stamping, and gives it to the 
server unit 200. The server unit 200 generates a time 
stamping token (certificate) T according to the received 
time stamping request R, and returns it to the client unit 
100. 

Fig. 11 shows an exemplary configuration of the client 
unit 100 in the folder type distributed time stamping 
system 300 of Fig. 10. The client unit 100 of Fig. 11 
corresponds to the client unit 100 of Fig. 2 in the second 
embodiment described above, so that the same elements are 
given the same reference numerals in the figure. 

First, the digital document specifying unit 51 selects 
the digital documents G that are the target of time 
stamping from the digital documents F. 

Then, at a regular digest generation time specified by 
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the time specifying: unit 49, the digest generation unit 31 
generates digests of the selected digital documents. Here, 
it Is possible to utilize the previously generated digests 
for those digital documents whose contents have not been 
modified since the digests are generated previously. 

Then, the digest combining unit 33 generates a new 
digital document by combining the digests of the target 
digital documents G generated by the digest generation unit 
31. 

Then, the unified digest generation unit 36 generates 
the unified digest from this new digital document. 

Then, the time stamping request R containing the 
unified digest is transmitted from the transmission unit 37 
to the server unit 200. 

At the server unit 200, the time stamp token T is 
generated as described below, and returned to the reception 
unit 45 of the client unit 100. 

Then, the verification unit 47 compares the 
transmission time by the transmission unit 37, the 
reception time by the reception unit 45, and the stamped 
time recorded in the received time stamp token T, verifies 
using a public key corresponding to the secret key used by 
the server unit 200 that the digital signature contained in 
the time stamp token T is the authentic digital signature 
generated by the server unit 200, and verifies that the 
digests time stamped by the time stamp token T are those 
transmitted from the transmission unit 37. 

Here, by including the previously obtained time stamp 
tokens in the target digital documents G, it becomes 
possible to acquire the time stamp token that includes the 
past creation and modification log of the target digital 
documents G. 

Fig. 12 shows an exemplary configuration of the server 
unit 200 in the folder type distributed time stamping 
system 300 of Fig. 10. The server unit 200 of Fig. 12 
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corresponds to the distributed time stamping system of Fig. 
4 in the fourth embodiment described above, so that the 
same elements are given the same reference numerals in the 
figure . 

First, when the reception unit 130 receives the time 
stamping request R, its copy is sent to each combining unit 
131. 

Then, each combining unit 131 generates the time 
stamped digital document Mt by combining the digital 
document M contained in the time stamping request R with 
the time acquired by the corresponding time acquisition 
unit 133. 

Then, the corresponding digital signature unit 135 
generates the digital signature for this time stamped 
digital document Mt using the partial secret key acquired 
in advance. The digital signatures generated by the digital 
signature units 135 in this manner are collected to the 
unified digital signature generation unit 137. 

Then, the unified digital signature generation unit 
137 selects digital signatures having the identical time 
information among the collected digital signatures, one 
digital signature for each digital signature unit 135, and 
generates the unified digital signature. 

Then, the time stamp token generation unit 139 
generates the time stamp token T using the unified digital 
signature, and transmits it from the transmission unit 141 
to the client unit 100. 

Fig. 13 shows another exemplary configuration of the 
server unit 200 in the folder type distributed time 
stamping system 300 of Fig. 10. The server unit 200 of Fig. 
13 adopts a distributed configuration in which the 
functions of the server unit 200 are to be operated by 
independent third party authories, where the same elements 
as in the server unit 200 of Fig. 12 are given the same 
reference numerals in the figure. 
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Fig. 13 differs from Fig:. 12 in that a set of one 
combining unit 131, one time acquisition unit 133 and one 
digital signature unit 135 constitute one distributed 
partial time stamping authority 205, and the reception unit 
5 130, the unified digital signature generation unit 137, the 
time stamp token generation unit 139 and the transmission 
unit 141 constitute one time stamping authority 204, but 
the operation of each unit is the same as in the case of 
Fig. 12. 

10 

It is to be noted that the above described embodiments 
according to the present invention may be conveniently 
implemented using a conventional general purpose digital 
computer programmed according to the teachings of the 
15 present specification, as will be apparent to those skilled 
in the computer art. Appropriate software coding can 
readily be prepared by skilled programmers based on the 
teachings of the present disclosure, as will be apparent to 
those skilled in the software art. 
20 In particular, the client unit or the server unit of 

each of the above described embodiments can be conveniently 
implemented in a form of a software package. 

Such a software package can be a computer program 
product which employs a storage medium including stored 
25 computer code which is used to program a computer to 

perform the disclosed function and process of the present 
invention. The storage medium may include, but is not 
limited to, any type of conventional floppy disks, optical 
disks, CD-ROMs, magneto-optical disks, ROMs, RAMs , EPROMs , 
30 EEPROMs, magnetic or optical cards, or any other suitable 
media for storing electronic instructions. 

It is also to be noted that, besides those already 
mentioned above, many modifications and variations of the 
above embodiments may be made without departing from the 
35 novel and advantageous features of the present invention. 
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Accordingly, all such modifications and variations are 
intended to be included within the scope of the appended 
claims . 

5 
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WHAT IS CLAIMED IS: 



1. A time stamping system, comprising: a client device and 
a server device; 

5 the client device including: 

a digest generation unit for generating a plurality 
of digests for a plurality of digital documents; 

a digest combining unit for combining the plurality 
of digests generated by the digest generation unit; 
10 a unified digest generation unit for generating a 

unified digest from the plurality of digests as combined by 
the digest combining unit; 

a transmission unit for transmitting a time 
stamping request containing the unified digest generated by 
15 the unified digest generation unit, to the server device; 
and 

a reception unit for receiving a time stamp token 
for the plurality of digital documents from the server 
device; and 

20 wherein the server device generates the time stamp 

token containing a time stamped digital document obtained 
by combining the unified digest and a time information 
acquired in response to the time stamping request, and a 
digital signature for the time stamped digital document. 

25 

2. The time stamping system of claim 1, wherein the 
client device further includes: 

a digital document specifying unit for specifying the 
plurality of digital documents from digital documents on a 
30 personal computer or a network, in units of files or 
folders . 

3. The time stamping system of claim 2, wherein the 
digital document specifying unit specifies the plurality of 

35 digital documents such that a previously obtained time 
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stamp token is included in the plurality of digital 
documents . 

4. The time stamping system of claim 1, wherein the 
5 client device further includes: 

a time specifying unit for specifying regular digest 
generation times to the digest generation unit such that 
the digest generation unit regularly generates the 
plurality of digests at the regular digest generation 
10 times. 

5. The time stamping system of claim 1, wherein the 
client device further includes: 

a verification unit for verifying whether the digital 
15 signature contained in the time stamp token received at the 
reception unit is authentic or not. 

6. The time stamping system of claim 1, wherein the 
client device further includes: 

20 a verification unit for verifying that a time 

indicated by the time stamped digital document contained in 
the time stamp token received at the reception unit is 
between a transmission time of the time stamping request at 
the transmission unit and a reception time of the time 

25 stamp token at the reception unit. 

7. The time stamping system of claim 1, wherein the 
server device includes: 

a digital signature generation unit for obtaining the 
30 time stamped digital document by combining the unified 

digest and the time information, and generating the digital 
signature for the time stamped digital document; and 

a time stamp token generation unit for generating the 
time stamp token from the time stamped digital document and 
35 the digital signature generated by the digital signature 
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generation unit. 

8. The time stamping system of claim 1, wherein the 
server device includes: 
5 a plurality of time acquisition units, each time 

acquisition unit sequentially acquiring the time 
information given in a prescribed constant incremental time 
unit, in response to the time stamping request, 
independently from other time acquisition units; 

10 a plurality of combining units, provided in 

correspondence to the plurality of time acquisition units, 
each combining unit generating a plurality of time stamped 
digital documents by sequentially combining a data 
containing the unified digest with the time information 

15 sequentially acquired by a corresponding one of the time 
acquisition units, independently from other combining 
units ; 

a plurality of digital signature units, provided in 
correspondence to the plurality of combining units, each 

20 digital signature unit generating a digital signature for 
each time stamped digital document generated by a 
corresponding one of the combining units, independently 
from other digital signature units; 

a unified digital signature generation unit for 

25 selecting a plurality of digital signatures, one digital 
signature per each digital signature unit, which are 
generated by the plurality of digital signature units for 
one time stamped digital document of an identical time, 
from a plurality of digital signatures generated by the 

30 plurality of digital signature units, and generating a 

unified digital signature from selected digital signatures; 
and 

a time stamp token generation unit for generating the 
time stamp token from said one time stamped digital 
35 document and the unified digital signature generated by the 
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unified digital signature generation unit. 



9. The time stamping system of claim 8, wherein each 
digital signature unit is controlled not to generate the 

5 digital signature for at least one of those time stamped 
digital documents of times that have no chance of becoming 
the identical time. 

10. The time stamping system of claim 8, wherein the 
10 unified digital signature generation unit and the time 

stamp token generation unit constitute a time stamping 
authority, while each set of a time acquisition unit, a 
combining unit, and a digital signature unit constitute a 
distributed partial time stamping authority. 

15 

11. A client device of a time stamping system, the client 
device comprising: 

a digest generation unit for generating a plurality of 
digests for a plurality of digital documents; 
20 a digest combining unit for combining the plurality of 

digests generated by the digest generation unit; 

a unified digest generation unit for generating a 
unified digest from the plurality of digests as combined by 
the digest combining unit; 
25 a transmission unit for transmitting a time stamping 

request containing the unified digest generated by the 
unified digest generation unit, to a server device of the 
time stamping system; and 

a reception unit for receiving a time stamp token for 
30 the plurality of digital documents from the server device. 

12. The client device of claim 11, further comprises: 

a digital document specifying unit for specifying the 
plurality of digital documents from digital documents on a 
35 personal computer or a network, in units of files or 
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folders . 

13. The client device of claim 12, wherein the digital 
document specifying unit specifies the plurality of digital 

5 documents such that a previously obtained time stamp token 
is included in the plurality of digital documents. 

14. The client device of claim 11, further comprising: 

a time specifying unit for specifying regular digest 
10 generation times to the digest generation unit such that 
the digest generation unit regularly generates the 
plurality of digests at the regular digest generation 
times . 

15 15. The client device of claim 11, wherein the time stamp 
token contains a time stamped digital document obtained by 
combining the unified digest and a time information 
acquired in response to the time stamping request, and a 
digital signature for the time stamped digital document, 

20 and 

the client device further comprises a verification 
unit for verifying whether the digital signature contained 
in the time stamp token received at the reception unit is 
authentic or not. 

25 

16. The client device of claim 11, wherein the time stamp 
token contains a time stamped digital document obtained by 
combining the unified digest and a time information 
acquired in response to the time stamping request, and a 
30 digital signature for the time stamped digital document, 
and 

the client device further comprises a verification 
unit for verifying that a time indicated by the time 
stamped digital document contained in the time stamp token 
35 received at the reception unit is between a transmission 
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time of the time stamping request at the transmission unit 
and a reception time of the time stamp token at the 
reception unit. 



5 17. A server device of a time stamping system, the server 
device comprising: 

a plurality of time acquisition units, each time 
acquisition unit sequentially acquiring the time 
information given in a prescribed constant incremental time 

10 unit, in response to a received digital document, 
independently from other time acquisition units; 

a plurality of combining units, provided in 
correspondence to the plurality of time acquisition units, 
each combining unit generating a plurality of time stamped 

15 digital documents by sequentially combining the received 
digital document with the time information sequentially 
acquired by a corresponding one of the time acquisition 
units, independently from other combining units; 

a plurality of digital signature units, provided in 

20 correspondence to the plurality of combining units, each 
digital signature unit generating a digital signature for 
each time stamped digital document generated by a 
corresponding one of the combining units, independently 
from other digital signature units; 

25 a unified digital signature generation unit for 

selecting a plurality of digital signatures, one digital 
signature per each digital signature unit, which are 
generated by the plurality of digital signature units for 
one time stamped digital document of an identical time, 

30 from a plurality of digital signatures generated by the 
plurality of digital signature units, and generating a 
unified digital signature from selected digital signatures; 
and 

a time stamp token generation unit for generating the 
35 time stamp token from said one time stamped digital 
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document and the unified digital signature generated by the 
unified digital signature generation unit. 

18. The server device of claim 17, wherein each digital 
5 signature unit is controlled not to generate the digital 
signature for at least one of those time stamped digital 
documents of times that have no chance of becoming the 
identical time. 

10 19. The server device of claim 17, wherein the unified 

digital signature generation unit and the time stamp token 
generation unit constitute a time stamping authority, while 
each set of a time acquisition unit, a combining unit, and 
a digital signature unit constitute a distributed partial 

15 time stamping authority. 

20. A time stamping method in a time stamping system 
formed by a client device and a server device, comprising 
the steps of; 

20 (a) generating a plurality of digests for a plurality of 
digital documents at the client device; 

(b) combining the plurality of digests generated by the 
step (a), at the client device; 

(c) generating a unified digest from the plurality of 

25 digests as combined by the step (b) , at the client device; 

(d) transmitting a time stamping request containing the 
unified digest generated by the step (c) , from the client 
device to the server device; 

(e) generating at the server device a time stamp token 
30 containing a time stamped digital document obtained by 

combining the unified digest and a time information 
acquired in response to the time stamping request, and a 
digital signature for the time stamped digital document; 
and 

35 (f) receiving the time stamp token for the plurality of 
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digital documents from the server device, at the client 
device . 

21. The method of claim 20, further comprising the step 
5 of: 

specifying the plurality of digital documents from 
digital documents on a personal computer or a network, in 
units of files or folders, at the client device. 

10 22. The method of claim 21, wherein the specifying step 
specifies the plurality of digital documents such that a 
previously obtained time stamp token is included in the 
plurality of digital documents. 

15 23. The method of claim 20, further comprising the step 
of: 

specifying regular digest generation times at the 
client device such that the step (a) regularly generates 
the plurality of digests at the regular digest generation 
20 times. 

24. The method of claim 20, further comprising the step 
of: 

verifying whether the digital signature contained in 
25 the time stamp token received by the step (f) is authentic 
or not, at the client device. 

25. The method of claim 20, further comprising the step 
of: 

30 verifying that a time indicated by the time stamped 

digital document contained in the time stamp token received 
by the step (f) is between a transmission time of the time 
stamping request at the step (d) and a reception time of 
the time stamp token at the step (f ) , at the client device. 
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26. The method of claim 20, wherein the step (e) comprises 
the sub-steps of : 

(el) sequentially acquiring the time information given in 
a prescribed constant incremental time unit, in response to 
5 the time stamping 1 request, at each one of a plurality of 
time acquisition units in the server device, independently 
from other time acquisition units; 

(e2) generating a plurality of time stamped digital 
documents at each one of a plurality of combining units, 

10 provided in correspondence to the plurality of time 

acquisition units in the server device, by sequentially 
combining a data containing the unified digest with the 
time information sequentially acquired by a corresponding 
one of the time acquisition units, independently from other 

15 combining units; 

(e3) generating a digital signature at each one of a 
plurality of digital signature units, provided in 
correspondence to the plurality of combining units in the 
server device, for each time stamped digital document 

20 generated by a corresponding one of the combining units, 
independently from other digital signature units; 

(e4) selecting a plurality of digital signatures, one 
digital signature per each digital signature unit, which 
are generated by the plurality of digital signature units 

25 for one time stamped digital document of an identical time, 
from a plurality of digital signatures generated by the 
plurality of digital signature units, and generating a 
unified digital signature from selected digital signatures; 
and 

30 (e5) generating the time stamp token from said one time 

stamped digital document and the unified digital signature 
generated by the step (e4). 

27. The method of claim 26, wherein at the step (e3), each 
35 digital signature unit is controlled not to generate the 
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digital signature for at least one of those time stamped 
digital documents of times that have no chance of becoming 
the identical time. 



5 28. A method of receiving a time stamping service at a 
client device of a time stamping system, the method 
comprising the steps of: 

(a) generating a plurality of digests for a plurality of 
digital documents; 
10 (b) combining the plurality of digests generated by the 
step (b) ; 

(c) generating a unified digest from the plurality of 
digests as combined by the step (b); 

(d) transmitting a time stamping request containing the 
15 unified digest generated by the step (c) , to a server 

device of the time stamping system; and 

(e) receiving a time stamp token for the plurality of 
digital documents from the server device. 

20 29. The method of claim 28, further comprising the step 
of: 

specifying the plurality of digital documents from 
digital documents on a personal computer or a network, in 
units of files or folders. 

25 

30. The method of claim 29, wherein the specifying step 
specifies the plurality of digital documents such that a 
previously obtained time stamp token is included in the 
plurality of digital documents. 

30 

31. The method of claim 28, further comprising the step 
of: 

specifying regular digest generation times at the 
client device such that the step (a) regularly generates 
35 the plurality of digests at the regular digest generation 
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times. 

32. The method of claim 28, wherein the time stamp token 
contains a time stamped digital document obtained by 

5 combining the unified digest and a time information 

acquired in response to the time stamping request, and a 
digital signature for the time stamped digital document, 
and 

the method further comprises the step of verifying 
10 whether the digital signature contained in the time stamp 
token received by the step (e) is authentic or not, at the 
client device. 

33. The method of claim 28, wherein the time stamp token 
15 contains a time stamped digital document obtained by 

combining the unified digest and a time information 
acquired in response to the time stamping request, and a 
digital signature for the time stamped digital document, 
and 

20 the method further comprises the step of verifying 

that a time indicated by the time stamped digital document 
contained in the time stamp token received by the step (e) 
is between a transmission time of the time stamping request 
at the step (d) and a reception time of the time stamp 

25 token at the step (e), at the client device. 

34. A method of providing a time stamping service at a 
server device of a time stamping system, the method 
comprising the steps of: 

30 (a) sequentially acquiring a time information given in a 
prescribed constant incremental time unit, in response to 
a received digital document, at each one of a plurality of 
time acquisition units in the server device, independently 
from other time acquisition units; 

35 (b) generating a plurality of time stamped digital 
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documents at each one of a plurality of combining units, 
provided in correspondence to the plurality of time 
acquisition units in the server device, by sequentially 
combining the received digital document with the time 
5 information sequentially acquired by a corresponding one of 
the time acquisition units, independently from other 
combining units; 

(c) generating a digital signature at each one of a 
plurality of digital signature units, provided in 

10 correspondence to the plurality of combining units in the 
server device, for each time stamped digital document 
generated by a corresponding one of the combining units, 
independently from other digital signature units; 

(d) selecting a plurality of digital signatures, one 

15 digital signature per each digital signature unit, which 
are generated by the plurality of digital signature units 
for one time stamped digital document of an identical time, 
from a plurality of digital signatures generated by the 
plurality of digital signature units, and generating a 

20 unified digital signature from selected digital signatures; 
and 

(e) generating the time stamp token from said one time 
stamped digital document and the unified digital signature 
generated by the step (d). 

25 " • 

35. The method of claim 34, wherein at the step (c), each 
digital signature unit is controlled not to generate the 
digital signature for at least one of those time stamped 
digital documents of times that have no chance of becoming 

30 the identical time. 

36 . A computer usable medium having computer readable 
program codes embodied therein for causing a computer to 
function as a client device of a time stamping system, the 

35 computer readable program codes including: 
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a first computer readable program code for causing 
said computer to generate a plurality of digests for a 
plurality of digital documents; 

a second computer readable program code for causing 
5 said computer to combine the plurality of digests generated 
by the first computer readable program code; 

a third computer readable program code for causing 
said computer to generate a unified digest from the 
plurality of digests as combined by the second computer 
10 readable program code; 

a fourth computer readable program code for causing 
said computer to transmit a time stamping request 
containing the unified digest generated by the third 
computer readable program code, to a server device of the 
15 time stamping system; and 

a fifth computer readable program code for causing 
said computer to receive a time stamp token for the 
plurality of digital documents from the server device. 

20 37. A computer usable medium having computer readable 
program codes embodied therein for causing at least one 
computer to function as a server device of a time stamping 
system, the computer readable program codes including: 

a first computer readable program code for causing 

25 said at least one computer to realize a plurality of time 
acquisition units, each time acquisition unit sequentially 
acquiring the time information given in a prescribed 
constant incremental time unit, in response to a received 
digital document, independently from other time acquisition 

30 units; 

a second computer readable program code for causing 
said at least one computer to realize a plurality of 
combining units, provided in correspondence to the 
plurality of time acquisition units, each combining unit 
35 generating a plurality of time stamped digital documents by 
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sequentially combining the received digital document with 
the time information sequentially acquired by a 
corresponding one of the time acquisition units, 
independently from other combining units; 
5 a third computer readable program code for causing 

said at least one computer to realize a plurality of 
digital signature units, provided in correspondence to the 
plurality of combining units, each digital signature unit 
generating a digital signature for each time stamped 
10 digital document generated by a corresponding one of the 

combining units, independently from other digital signature 
units ; 

a fourth computer readable program code for causing 
said at least one computer to select a plurality of digital 

15 signatures, one digital signature per each digital 

signature unit, which are generated by the plurality of 
digital signature units for one time stamped digital 
document of an identical time, from a plurality of digital 
signatures generated by the plurality of digital signature 

20 units, and to generate a unified digital signature from 
selected digital signatures; and 

a fifth computer readable program code for causing 
said at least one computer to generate the time stamp token 
from said one time stamped digital document and the unified 

25 digital signature generated by the fourth computer readable 
program code. 
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ABSTRACT OF THE DISCLOSURE 



In a time stamping: system formed by a client device 
and a server device, the client device includes a digest 
generation unit for generating a plurality of digests for a 
plurality of digital documents, a digest combining unit for 
combining the plurality of digests generated by the digest 
generation unit, a unified digest generation unit for 
generating a unified digest from the plurality of digests 
as combined by the digest combining unit, a transmission 
unit for transmitting a time stamping request containing 
the unified digest generated by the unified digest 
generation unit, to the server device, and a reception unit 
for receiving a time stamp token for the plurality of 
digital documents from the server device. The server device 
generates the time stamp token containing a time stamped 
digital document obtained by combining the unified digest 
and a time information acquired in response to the time 
stamping request, and a digital signature for the time 
stamped digital document. 
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